Firewall Wizards mailing list archives
RE: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd)
From: Peter Mayne <Peter.Mayne () digital com>
Date: Mon, 19 Oct 1998 13:25:30 +1000
Not a firewall, but a way of securely "connecting" a classified network to an unclassified network. The quote is right: in this kind of environment, a firewall is useless. The page at http://www.adc.gov.au/news/feature_infosec.html says:
The other members of the consortium are Compucat, a Canberra-based specialist in computer security, and Digital Equipment Corporation (Australia), a subsidiary of the US information technology giant.
The Interactive Link allows a computer operator to open both classified and unclassified "windows" simultaneously on the same workstation screen, and to import information from the unclassified to the classified window, but not the other way around.
(I included the first paragraph so I can take the opportunity to guarantee that I have nothing to do with it.) Here's an example: You're working on a classified network, but you want to be able to browse the Web. You can have a second system on your desk connected to an unclassified network, and on to the Internet, but that's clumsy and uses up space. So, why not run your browser on the unclassified system, but display it on the classified system (an everyday use for X Windows or SMS remote control)? If anybody hacks your browser, the only system at risk is the unclassified one, right? Likewise mail: if your email client is running on the unclassified system, and only displaying on your classified system, you can't send classified information, right? The holes are so obvious I won't start to point them out (as well a bunch of not so obvious holes), but 'what Vision Abell calls a "data diode" which allows information to travel one way but not the other' might help out here, hence the "software and hardware in a modest-sized grey box". Sounds horrendously complicated, so good for them if it works. See the links at http://www.dsto.defence.gov.au/stindex.htm#S for similar media releases about Starlight (found using AltaVista). I have absolutely no involvement in any of this whatsoever, just in case somebody thinks I'm giving away trade secrets; I've never heard of Vision Abell before the other day, I don't know how they do it, I've never seen it in action, etc, etc. I just happen to live here, and I saw the article in the paper. PJDM ---- Peter Mayne, Compaq Computer Corporation (Australia), Canberra, ACT These are my opinions, and have nothing to do with Compaq. I used to be a Digit, now I'm a Q.
Current thread:
- [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) ark (Oct 16)
- Re: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) John Nicholson (Oct 19)
- Re: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Christopher Nicholls (Oct 19)
- Re: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Technical Incursion Countermeasures (Oct 23)
- Re: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Rick Murphy (Oct 23)
- <Possible follow-ups>
- RE: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Peter Mayne (Oct 19)
- RE: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Paul McNabb (Oct 23)
- Re: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Steve Bellovin (Oct 27)
- RE: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Paul McNabb (Oct 28)
- RE: [ISN] New Defence Computer Keeps Hackers Out and Secret (fwd) Jeremy Epstein (Oct 28)